ata-coder 2.4.3__tar.gz → 2.4.4__tar.gz

{ata_coder-2.4.3/ata_coder.egg-info → ata_coder-2.4.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ata-coder
-Version: 2.4.3
+Version: 2.4.4
 Summary: ATA Coder — AI-powered coding assistant
 Author: ATA Coder Team
 License-Expression: MIT
@@ -51,6 +51,10 @@ Dynamic: license-file
 
 ATA Coder is a CLI AI coding assistant compatible with OpenAI and Anthropic APIs. It runs on a **single-threaded asyncio event loop** — no threads, no race conditions, low memory. Features deterministic AST-based code editing, sub-agent pool, MCP support, and a built-in HTTP API server.
 
+```bash
+pip install ata-coder
+```
+
 ### Architecture (v2.3.3)
 
 ```
@@ -95,7 +99,12 @@ asyncio Event Loop (single-threaded)
 ### Quick Start
 
 ```bash
+# Install from PyPI (recommended)
+pip install ata-coder
+
+# Or install from source (development)
 pip install -e .
+
 ata                          # Interactive REPL
 ata run "Add type hints"     # Single task
 ata server --port 8080       # HTTP API server
@@ -558,7 +567,12 @@ asyncio 事件循环（单线程）
 ### 快速开始
 
 ```bash
+# 从 PyPI 安装（推荐）
+pip install ata-coder
+
+# 或从源码安装（开发模式）
 pip install -e .
+
 ata                          # 交互模式
 ata run "添加类型注解"        # 单任务
 ata server --port 8080       # API 服务

{ata_coder-2.4.3 → ata_coder-2.4.4}/README.md

@@ -28,6 +28,10 @@
 
 ATA Coder is a CLI AI coding assistant compatible with OpenAI and Anthropic APIs. It runs on a **single-threaded asyncio event loop** — no threads, no race conditions, low memory. Features deterministic AST-based code editing, sub-agent pool, MCP support, and a built-in HTTP API server.
 
+```bash
+pip install ata-coder
+```
+
 ### Architecture (v2.3.3)
 
 ```
@@ -72,7 +76,12 @@ asyncio Event Loop (single-threaded)
 ### Quick Start
 
 ```bash
+# Install from PyPI (recommended)
+pip install ata-coder
+
+# Or install from source (development)
 pip install -e .
+
 ata                          # Interactive REPL
 ata run "Add type hints"     # Single task
 ata server --port 8080       # HTTP API server
@@ -535,7 +544,12 @@ asyncio 事件循环（单线程）
 ### 快速开始
 
 ```bash
+# 从 PyPI 安装（推荐）
+pip install ata-coder
+
+# 或从源码安装（开发模式）
 pip install -e .
+
 ata                          # 交互模式
 ata run "添加类型注解"        # 单任务
 ata server --port 8080       # API 服务

{ata_coder-2.4.3 → ata_coder-2.4.4}/agent_compact.py

@@ -4,6 +4,7 @@ import json
 import logging
 
 from .types import Message
+from .token_counter import TokenCounter
 from .clawd_integration import get_clawd
 from .model_router import get_subagent_model
 logger = logging.getLogger(__name__)
@@ -35,7 +36,11 @@ class CompactionMixin:
         recent_tokens = 0
         for msg in reversed(all_but_system):
             msg_tokens = self._estimate_message_tokens(msg)
-            if recent_tokens + msg_tokens > self.RECENT_TOKEN_BUDGET and recent:
+            if recent_tokens + msg_tokens > self.RECENT_TOKEN_BUDGET:
+                if not recent:
+                    # Single huge message — include it anyway but stop after
+                    recent.insert(0, msg)
+                    recent_tokens += msg_tokens
                 break
             recent.insert(0, msg)
             recent_tokens += msg_tokens
@@ -79,8 +84,11 @@ class CompactionMixin:
         recent_tokens = 0
         for msg in reversed(all_but_system):
             msg_tokens = self._estimate_message_tokens(msg)
-            if recent_tokens + msg_tokens > self.RECENT_TOKEN_BUDGET and recent:
-                # Stop — we've filled the recent budget
+            if recent_tokens + msg_tokens > self.RECENT_TOKEN_BUDGET:
+                if not recent:
+                    # Single huge message — include it anyway but stop after
+                    recent.insert(0, msg)
+                    recent_tokens += msg_tokens
                 break
             recent.insert(0, msg)
             recent_tokens += msg_tokens
@@ -120,7 +128,6 @@ class CompactionMixin:
 
     def _estimate_message_tokens(self, msg: Message) -> int:
         """Rough token estimate for a single message (via TokenCounter)."""
-        from .token_counter import TokenCounter
         model = getattr(self.llm.config, 'model', '')
         return TokenCounter.for_model(model).count_tokens([msg])
 

{ata_coder-2.4.3 → ata_coder-2.4.4/ata_coder.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ata-coder
-Version: 2.4.3
+Version: 2.4.4
 Summary: ATA Coder — AI-powered coding assistant
 Author: ATA Coder Team
 License-Expression: MIT
@@ -51,6 +51,10 @@ Dynamic: license-file
 
 ATA Coder is a CLI AI coding assistant compatible with OpenAI and Anthropic APIs. It runs on a **single-threaded asyncio event loop** — no threads, no race conditions, low memory. Features deterministic AST-based code editing, sub-agent pool, MCP support, and a built-in HTTP API server.
 
+```bash
+pip install ata-coder
+```
+
 ### Architecture (v2.3.3)
 
 ```
@@ -95,7 +99,12 @@ asyncio Event Loop (single-threaded)
 ### Quick Start
 
 ```bash
+# Install from PyPI (recommended)
+pip install ata-coder
+
+# Or install from source (development)
 pip install -e .
+
 ata                          # Interactive REPL
 ata run "Add type hints"     # Single task
 ata server --port 8080       # HTTP API server
@@ -558,7 +567,12 @@ asyncio 事件循环（单线程）
 ### 快速开始
 
 ```bash
+# 从 PyPI 安装（推荐）
+pip install ata-coder
+
+# 或从源码安装（开发模式）
 pip install -e .
+
 ata                          # 交互模式
 ata run "添加类型注解"        # 单任务
 ata server --port 8080       # API 服务

{ata_coder-2.4.3 → ata_coder-2.4.4}/config.py

@@ -176,7 +176,7 @@ class AppConfig:
 
     llm: LLMConfig = field(default_factory=LLMConfig)
     agent: AgentConfig = field(default_factory=AgentConfig)
-    effort: str = field(default_factory=lambda: _from_settings("effort_level", "medium"))
+    effort: str = field(default_factory=lambda: (_from_settings("effort_level") or "medium"))
 
     @classmethod
     def load(cls) -> "AppConfig":
@@ -246,7 +246,12 @@ def _safe_temperature() -> float:
 
 
 def _settings_api_key() -> str:
-    return _from_settings("api_key", "")
+    """Resolve API key with tiered fallback (OS keychain → env vars → settings.json)."""
+    try:
+        from .settings import resolve_api_key
+        return resolve_api_key()
+    except ImportError:
+        return _from_settings("api_key", "")
 
 
 def _settings_base_url() -> str:

{ata_coder-2.4.3 → ata_coder-2.4.4}/git_workflow.py

@@ -134,13 +134,15 @@ class GitWorkflow:
                     status.modified += 1
             status.clean = (status.staged == 0 and status.modified == 0 and status.untracked == 0)
 
-        # Ahead/behind
-        _, ahead_str, _ = _run_git(["rev-list", "--count", "@{u}..HEAD"], self.cwd, timeout=10)
-        if ahead_str and ahead_str.isdigit():
-            status.ahead = int(ahead_str)
-        _, behind_str, _ = _run_git(["rev-list", "--count", "HEAD..@{u}"], self.cwd, timeout=10)
-        if behind_str and behind_str.isdigit():
-            status.behind = int(behind_str)
+        # Ahead/behind — only if upstream is configured
+        has_upstream, _, _ = _run_git(["rev-parse", "--abbrev-ref", "@{u}"], self.cwd, timeout=10)
+        if has_upstream == 0:
+            _, ahead_str, _ = _run_git(["rev-list", "--count", "@{u}..HEAD"], self.cwd, timeout=10)
+            if ahead_str and ahead_str.isdigit():
+                status.ahead = int(ahead_str)
+            _, behind_str, _ = _run_git(["rev-list", "--count", "HEAD..@{u}"], self.cwd, timeout=10)
+            if behind_str and behind_str.isdigit():
+                status.behind = int(behind_str)
 
         # Last commit
         _, last, _ = _run_git(["log", "-1", "--format=%h %s"], self.cwd)

{ata_coder-2.4.3 → ata_coder-2.4.4}/main.py

@@ -44,7 +44,7 @@ if sys.platform == 'win32':
         _patched_init.__ata_patched__ = True
         _sp.Popen.__init__ = _patched_init
 
-__version__ = "2.4.3"
+__version__ = "2.4.4"
 
 import asyncio
 import logging

{ata_coder-2.4.3 → ata_coder-2.4.4}/mcp_client.py

@@ -995,6 +995,25 @@ class MCPClient:
         """Register a callback for health check failures."""
         self._on_health_fail = callback
 
+    async def reconnect_server(self, name: str) -> bool:
+        """Attempt to reconnect a failed MCP server. Returns True on success."""
+        conn = self._connections.get(name)
+        if not conn:
+            return False
+        logger.info("[%s] Attempting reconnection...", name)
+        try:
+            await conn.stop()
+        except Exception:
+            pass
+        try:
+            await conn.start()
+            self._register_server_tools(name, conn)
+            logger.info("[%s] Reconnected successfully", name)
+            return True
+        except Exception as e:
+            logger.warning("[%s] Reconnection failed: %s", name, e)
+            return False
+
     def start_health_monitor(self, interval: float = 60.0) -> None:
         """Start periodic health checks (ping every N seconds)."""
         if self._health_running:
@@ -1021,16 +1040,19 @@ class MCPClient:
                 break
             for name, conn in list(self._connections.items()):
                 try:
-                    if not await conn.ping(timeout=10):
-                        logger.warning("[%s] Health check failed: no response", name)
+                    alive = await conn.ping(timeout=10)
+                    if not alive:
+                        logger.warning("[%s] Health check failed — attempting reconnect", name)
                         if self._on_health_fail:
                             self._on_health_fail(name)
+                        await self.reconnect_server(name)
                 except asyncio.CancelledError:
                     raise
                 except Exception as e:
-                    logger.warning("[%s] Health check error: %s", name, e)
+                    logger.warning("[%s] Health check error: %s — attempting reconnect", name, e)
                     if self._on_health_fail:
                         self._on_health_fail(name)
+                    await self.reconnect_server(name)
 
     # ── Properties ──────────────────────────────────────────────────────────
 

{ata_coder-2.4.3 → ata_coder-2.4.4}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "ata-coder"
-version = "2.4.3"
+version = "2.4.4"
 description = "ATA Coder — AI-powered coding assistant"
 readme = "README.md"
 requires-python = ">=3.10"

{ata_coder-2.4.3 → ata_coder-2.4.4}/safety_guard.py

@@ -98,63 +98,78 @@ PROTECTED_PATHS = [
 
 # Destructive shell command patterns
 DESTRUCTIVE_PATTERNS = [
-    # System destruction
-    (r"rm\s+-r\w*\s*-?f\w*\s+/(?:\s|$)", RiskLevel.CRITICAL, "Recursive delete of root filesystem"),
-    (r"rm\s+-r\w*\s*-?f\w*\s+~", RiskLevel.CRITICAL, "Recursive delete of home directory"),
-    (r"rm\s+-r\w*\s*-?f\w*\s+\$HOME", RiskLevel.CRITICAL, "Recursive delete of home directory"),
+    # System destruction — cover common bypasses (/*, / *, wildcards, etc.)
+    (r"\brm\s+.*-r\w*\s*-?f\w*\s+/(?:\s|\*|$)", RiskLevel.CRITICAL, "Recursive delete of root filesystem"),
+    (r"\brm\s+.*-r\w*\s*-?f\w*\s+/\s*\*", RiskLevel.CRITICAL, "Recursive delete of root filesystem (/*)"),
+    (r"\brm\s+.*-r\w*\s*-?f\w*\s+/\s+\*", RiskLevel.CRITICAL, "Recursive delete of root filesystem (/ *)"),
+    (r"\brm\s+.*-r\w*\s*-?f\w*\s+~", RiskLevel.CRITICAL, "Recursive delete of home directory"),
+    (r"\brm\s+.*-r\w*\s*-?f\w*\s+\$HOME", RiskLevel.CRITICAL, "Recursive delete of home directory"),
+    (r"\bfind\s+/.*-delete\b", RiskLevel.CRITICAL, "Recursive delete of root via find"),
+    (r"\bfind\s+/\s+.*-delete\b", RiskLevel.CRITICAL, "Recursive delete of root via find"),
+    (r"\bfind\s+/.*-exec\s+rm\b", RiskLevel.CRITICAL, "Recursive delete via find -exec rm"),
+    (r"\bfind\s+/\s+.*-exec\s+rm\b", RiskLevel.CRITICAL, "Recursive delete of root via find -exec rm"),
     (r"mkfs\.", RiskLevel.CRITICAL, "Filesystem format"),
-    (r"dd\s+if=", RiskLevel.CRITICAL, "Raw disk write (dd)"),
-    (r"dd\s+of=", RiskLevel.CRITICAL, "Raw disk write (dd of=)"),
+    (r"\bdd\s+if=", RiskLevel.CRITICAL, "Raw disk write (dd)"),
+    (r"\bdd\s+of=", RiskLevel.CRITICAL, "Raw disk write (dd of=)"),
     (r">\s*/dev/sd", RiskLevel.CRITICAL, "Direct disk write"),
     (r">\s*/dev/nvme", RiskLevel.CRITICAL, "Direct NVMe write"),
-    (r"find\s+.*-delete", RiskLevel.DANGER, "Recursive delete via find"),
-    (r"shred\s+", RiskLevel.DANGER, "Secure file deletion"),
+    (r"\bshred\s+", RiskLevel.DANGER, "Secure file deletion"),
     (r"\$\(.*\)", RiskLevel.CAUTION, "Command substitution detected"),
     (r"`[^`]+`", RiskLevel.CAUTION, "Backtick command substitution detected"),
     (r"chmod\s+777\s+/", RiskLevel.CRITICAL, "World-writable root"),
     (r"chmod\s+-R\s+777\s+/", RiskLevel.CRITICAL, "World-writable root recursive"),
 
     # System control
-    (r"shutdown", RiskLevel.DANGER, "System shutdown"),
-    (r"reboot", RiskLevel.DANGER, "System reboot"),
-    (r"systemctl\s+stop", RiskLevel.DANGER, "Stop system service"),
-    (r"systemctl\s+disable", RiskLevel.DANGER, "Disable system service"),
-    (r"killall", RiskLevel.DANGER, "Kill all processes"),
-    (r"pkill", RiskLevel.DANGER, "Kill processes by pattern"),
+    (r"\bshutdown\b", RiskLevel.DANGER, "System shutdown"),
+    (r"\breboot\b", RiskLevel.DANGER, "System reboot"),
+    (r"\bsystemctl\s+stop\b", RiskLevel.DANGER, "Stop system service"),
+    (r"\bsystemctl\s+disable\b", RiskLevel.DANGER, "Disable system service"),
+    (r"\bkillall\b", RiskLevel.DANGER, "Kill all processes"),
+    (r"\bpkill\b", RiskLevel.DANGER, "Kill processes by pattern"),
 
     # Git danger
-    (r"git\s+push\s+--force", RiskLevel.DANGER, "Force push"),
-    (r"git\s+push\s+-f", RiskLevel.DANGER, "Force push"),
-    (r"git\s+reset\s+--hard", RiskLevel.DANGER, "Hard reset — loses changes"),
-    (r"git\s+clean\s+-fdx", RiskLevel.DANGER, "Remove all untracked files"),
+    (r"\bgit\s+push\s+--force\b", RiskLevel.DANGER, "Force push"),
+    (r"\bgit\s+push\s+-f\b", RiskLevel.DANGER, "Force push"),
+    (r"\bgit\s+reset\s+--hard\b", RiskLevel.DANGER, "Hard reset — loses changes"),
+    (r"\bgit\s+clean\s+-fdx\b", RiskLevel.DANGER, "Remove all untracked files"),
 
     # Network danger
-    (r"curl.*\|\s*(ba)?sh", RiskLevel.DANGER, "Pipe curl to shell"),
-    (r"wget.*\|\s*(ba)?sh", RiskLevel.DANGER, "Pipe wget to shell"),
-    (r"nc\s+-l", RiskLevel.CAUTION, "Open network listener"),
+    (r"\bcurl\b.*\|\s*(ba)?sh\b", RiskLevel.DANGER, "Pipe curl to shell"),
+    (r"\bwget\b.*\|\s*(ba)?sh\b", RiskLevel.DANGER, "Pipe wget to shell"),
+    (r"\bnc\s+-l\b", RiskLevel.CAUTION, "Open network listener"),
 
     # Fork bomb
     (r":\(\)\s*\{", RiskLevel.CRITICAL, "Fork bomb pattern"),
 
     # Database danger
-    (r"DROP\s+(TABLE|DATABASE)", RiskLevel.DANGER, "SQL DROP operation"),
-    (r"TRUNCATE\s+(TABLE\s+)?", RiskLevel.DANGER, "SQL TRUNCATE operation"),
-    (r"DELETE\s+FROM\s+\w+\s+WHERE", RiskLevel.CAUTION, "SQL DELETE with condition"),
-    (r"DELETE\s+FROM\s+\w+\s*;", RiskLevel.DANGER, "SQL DELETE without WHERE"),
+    (r"\bDROP\s+(TABLE|DATABASE)\b", RiskLevel.DANGER, "SQL DROP operation"),
+    (r"\bTRUNCATE\s+(TABLE\s+)?", RiskLevel.DANGER, "SQL TRUNCATE operation"),
+    (r"\bDELETE\s+FROM\s+\w+\s+WHERE\b", RiskLevel.CAUTION, "SQL DELETE with condition"),
+    (r"\bDELETE\s+FROM\s+\w+\s*;", RiskLevel.DANGER, "SQL DELETE without WHERE"),
 
     # Package manager danger
-    (r"(pip|npm|gem|cargo)\s+(uninstall|remove)", RiskLevel.CAUTION, "Package removal"),
+    (r"\b(pip|npm|gem|cargo)\s+(uninstall|remove)\b", RiskLevel.CAUTION, "Package removal"),
 
     # Permission changes
-    (r"chmod\s+777", RiskLevel.CAUTION, "Make file world-writable"),
-    (r"chown\s+root", RiskLevel.DANGER, "Change owner to root"),
+    (r"\bchmod\s+777\b", RiskLevel.CAUTION, "Make file world-writable"),
+    (r"\bchown\s+root\b", RiskLevel.DANGER, "Change owner to root"),
 
     # Encoded / obfuscated commands (common bypass techniques)
-    (r"base64\s+(-d|--decode)", RiskLevel.CAUTION, "Base64 decode — possible obfuscated command"),
+    (r"\bbase64\s+(-d|--decode)\b", RiskLevel.CAUTION, "Base64 decode — possible obfuscated command"),
     (r"\bIEX\s*\([^)]*\)", RiskLevel.DANGER, "PowerShell Invoke-Expression (IEX) — remote code execution risk"),
-    (r"Invoke-Expression", RiskLevel.DANGER, "PowerShell Invoke-Expression — remote code execution risk"),
-    (r"Invoke-WebRequest", RiskLevel.CAUTION, "PowerShell Invoke-WebRequest — fetches remote content"),
-    (r"Invoke-RestMethod", RiskLevel.CAUTION, "PowerShell Invoke-RestMethod — fetches remote content"),
+    (r"\bInvoke-Expression\b", RiskLevel.DANGER, "PowerShell Invoke-Expression — remote code execution risk"),
+    (r"\bInvoke-WebRequest\b", RiskLevel.CAUTION, "PowerShell Invoke-WebRequest — fetches remote content"),
+    (r"\bInvoke-RestMethod\b", RiskLevel.CAUTION, "PowerShell Invoke-RestMethod — fetches remote content"),
+    # Additional PowerShell bypass techniques
+    (r"\bStart-Process\s+.*-Verb\s+RunAs\b", RiskLevel.DANGER, "PowerShell elevated execution"),
+    (r"\[\s*System\.Net\.WebClient\s*\]", RiskLevel.DANGER, "PowerShell WebClient — remote download"),
+    (r"\[\s*System\.Reflection\.Assembly\s*\]", RiskLevel.DANGER, "PowerShell reflection assembly load"),
+
+    # Additional bypass techniques
+    (r"\beval\s+.*\$", RiskLevel.CAUTION, "Eval with variable — possible code injection"),
+    (r"\bxargs\s+.*\brm\b", RiskLevel.DANGER, "xargs with rm — mass delete"),
+    (r">\s*/etc/", RiskLevel.CRITICAL, "Write to /etc/"),
+    (r">\s*/boot/", RiskLevel.CRITICAL, "Write to /boot/"),
 ]
 
 # Suspicious file extensions (writing these is unusual for a code agent)